PRIVACY POLICY

Last Updated: October 26, 2020

We at Assurex Global appreciate the trust you have placed in us. In serving you, we are given access to information that is often both sensitive and proprietary. We want you to know that reputation and integrity––in the way we operate and the methods by which we conduct business––is a top priority. As such, we take the responsibility of protecting your information seriously.

This policy applies to information we collect:

  • On this website at https://assurexglobal.com (our “Website”), including in email, text and other electronic messages between you and this Website (as a “Visitor”).
  • From our Partner provided resources including Community, Passport or any other resource offered by us for use by the Partnership

It does not apply to information collected by any third party through any content that may link to or be accessible from or on our Website. To learn how a third-party application uses your information, please review their privacy policy.

Please read this carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website or our services. By accessing or using this Website or our services, you agree to this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy below). Your continued use of this Website or our services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Purpose of This Notice

In compliance with the Gramm-Leach-Bliley Act (GLBA, a USA regulation), General Data Protection Regulation (GDPR, an EU regulation), Ohio Data Protection Act (ODPA), California Consumer Privacy Act (CCPA, a California regulation), New York Shield Law (NYSL) and other applicable data protection laws, Assurex Global is required to notify you of our privacy policy used for ensuring confidentiality. We are providing you with this document, which notifies you of the privacy policies and practices of Assurex Global.

The GLBA, which became effective July 1, 2001, and related privacy laws of the various states, generally prohibit us from sharing nonpublic, personal information about you with a third party in a manner not permitted by law. Further, they require us to provide you with this annual notice of our privacy policies and practices. Similarly, the GDPR, as of May 25, 2018, prohibits us from processing any personal data of an individual without authorized grounds. The ODPA, CCPA and NYSL takes a similar approach, and provide further additional protections, such as the right to non-discrimination for exercising your rights. This policy and practice notification describes the types of information that we collect about you and the categories of persons or entities to whom that information may be disclosed.

Assurex Global Privacy Policies and Practices

When you use this Website, as a Partner or User or simply a Visitor, we collect different types of information.

Personal data means any information relating to an identified or identifiable natural person. The legal bases for the processing of the personal data we collect are primarily that the processing is necessary for us to provide services and that the processing is in our legitimate interests, which is explained in greater detail below. We may also process data on your consent, asking for it as appropriate.

Usage Data means additional information regarding Users’ activities on the website, Passport or other resources provided for collection of data. For instance, when you review a section of our website that does not require you to log in with unique user credentials, we may collect anonymous Usage Data that may not reasonably be used to identify you as the source. Usage Data includes “click stream” activity such as when you clink on a banner advertisement; the type of Internet browser and computer operating system you are using; the location from which you are accessing the website; the URL of the website from which you linked to our website; and the areas of our website you visited.

Information We Collect

A. Information We Collect About You and How We Collect It

We collect several types of information from and about Users of our Website, including:

  • Information by which you may be personally identified, such as name, postal address, email address, telephone number – that is, your personal data.
  • Information about your internet connection, the equipment you use to access our Website – that is, usage details.
  • Information about you as an applicant or Partner to our Company or a prospect to our Company available from public data sources.

We collect this information:

  • Directly from you when you voluntarily provide it to us.
  • From third parties who provide information about businesses, employees, insurance companies we contact or other consumer reporting agencies, vendors that aggregate your information as an applicant or prospect from various publicly available data sources
  • Automatically as you navigate through our Website. Information collected automatically may include usage details, IP addresses and information collected through cookies, web beacons and other tracking technologies.

B. Information You Provide to Us

The information we collect on or through our Website may include:

  • Information that you provide to us by filling out Affiliation Agreements, applications, and other forms.
  • Information that you provide to us via our website, including applications and forms, requests for services, worksheets, newsletter subscriptions, and seminar and workshop registration.
  • Records and copies of your correspondence (including email addresses) if you contact us.
  • Your search queries on our Website.

C. Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including:

  • Details of your visits to our Website, including traffic data, location data, logs and other communication data and the resources that you access and use on the Website.
  • Information about your computer and internet connection, including your IP address, operating system, and browser type.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking).  The information we collect automatically helps us to improve our Website and to deliver a better and more personalized service.

The technologies we use for this automatic data collection may include:

  • Cookies (or Browser Cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
  • Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see http://www.adobe.com/devnet/security.html.

Web Beacons. Pages of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

D. Children Under the Age of 16

The services provided via our Website are not intended for children under 16 years of age.  We do not market to and do not knowingly collect, disclose, or sell any Personal Information from, or about a child under the age of 16 without the consent of the child’s parent or legal guardian.  If we discover that we have inadvertently collected information from a child under 16 years of age, we will promptly take all reasonable measures to delete such information from our systems.

How We Use Your Information

We use information that we collect about you or that you voluntarily provide to us, including any personal data in the ways outlined below. Further, to perform these tasks, we may transfer your data to countries in the European Economic Area (EEA) or outside the area to include the United States of America (USA), for processing using appropriate safeguards when necessary.

A. Operations

We use this information to (i) provide you with information or services that you request from us and to provide customer service, (ii) carry out our obligations and enforce our rights arising from any contracts or agreements entered into between you and us, (iii) any obligations we have arising from contracts entered into between us and third-party service providers that assist us with hosting and maintaining our website or other collection mechanism, analyze online activity to our website and applications, and managing our daily business operations and delivery of products and services, (iv) to verify information and the qualification of your business and individuals affiliated with it and to confirm that you meet certain requisite criteria for membership or inclusion within certain products or programs, (v) in emergency situations to share your information when doing so is necessary to protect an interest that is essential for an individual’s life, (vi) when necessary for our legitimate interests, as long as such interests are not overridden by our User’s interests, rights, and freedoms with respect to their Personal Data, (vii) when required by law.

B. Improvements

We use the information to understand and analyze the usage trends and preferences of our Visitors and Users, to improve the services we provide, and to develop new products, services, features, and functionality. Should this purpose require Assurex Global to process any personal data, then the data will only be used in anonymized or aggregated form.

C. Communications

We may use a Partner, Visitor’s or User’s email address or other information to contact that Partner, Visitor or User (i) for administrative purposes such as customer service, (ii) with updates on events, relating to the services offered by us and by third parties we work with, (iii) to provide industry circulars that you have signed up for or related to the services we provide you, and (iv) to notify you about changes to our Website or any services we offer or provide though it. You have the ability to opt-out of receiving any marketing communications as described in this privacy policy.

D. Cookies and Tracking Technologies

We may use automatically collected information, as well as through cookies and similar technologies to: (i) personalize our services, such as remembering a Partner, User’s or Visitor’s information so that the Partner, User or Visitor will not have to re-enter it during a visit or on subsequent visits; (ii) provide customized content, and information; (iii) monitor and analyze the effectiveness of our services and marketing activities; and (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed. You can obtain more information about cookies by visiting http://www.allaboutcookies.org.

E. Analytics

We use Google Analytics to measure and evaluate access to and traffic for our Website administrators. Google operates independently from us and has its own privacy policy, which we strongly suggest you review. Google may use the information collected through Google Analytics to evaluate Users’ and Visitors’ activity on our Site. For more information, see Google Analytics Privacy and Data Sharing.

We take measures to protect the technical information collected by our use of Google Analytics. The data collected will be used on a need to know basis to resolve technical issues, administer the Website and identify Visitor preferences; but in this case, the data will be in non-identifiable form. We do not use any of this information to identify Partner, Visitors or Users.

F. Consent

With your consent, we can also use the information we collect (i) to fulfill any other purpose for which you provide it and (ii) in any other way we may describe when you provide the information.

Information Disclosed to Third Parties

Except as described in this policy, we will not intentionally disclose personal data that we collect or store to third parties without the consent of the applicable Partner, User or Visitor. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances.

A. Managing Business on Your Behalf

We may disclose information, such as information provided by you, application or other forms of data or your transactions with us, to a (i) third party if the disclosure will enable that party to perform a business, professional or insurance function for us and the data provided is anonymized (ii) regulatory authority, law enforcement, or other governmental authority in order to protect our interest or if we are required by law to divulge the information.

The contractors and other third parties we use to support our business are bound by contractual obligations to keep personal data confidential and use it only for the purposes for which we disclose it to them.

B. Technical Service Providers

We work with third party service providers who provide website, application development, hosting, maintenance, and other services for us. These third parties may have access to, or process personal data or Partner data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.

C. Non-Personally Identifiable Information

We may make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) for business or marketing purposes; or (iii) to assist such parties in understanding our Partner’s, Users’ and Visitors’ interests, habits, and usage patterns for our Website and services.

D. Law Enforcement, Legal Process and Compliance

We may disclose personal data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.

We also reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) enforce or apply our terms of use and other agreements, including for billing and collection purposes.  (v) protect the security or integrity of our services and any facilities or equipment used to make our services available, (vi) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others.

E. Consent

We may also disclose information to third parties with your consent, within the parameters you provide it.

Your Choices

You have the following rights. As applicable, you may have the right to access, amend, and delete your personal data as detailed below under the GDPR, ODPA, CCPA, NYSL or other applicable data protection regulation. You have the right to non-discrimination. That is, we will not discriminate against you for exercising any of these rights. You have the right to opt-out of the sale of your personal information.

A. Access, Correction, Deletion

We respect your privacy rights and provide you with reasonable access to the personal data that you may have provided through your use of this Website and services. If you wish to access or amend personal data we hold about you, or to request that we delete or transfer information about you that we have obtained, you may contact us as set forth in the sections below. At your request, and when permitted under the applicable law or regulation, we will have references to you deleted or blocked in our database.

You may update, correct, or delete your account information by contacting us or as provided by our services. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

You may decline to share certain personal data with us, in which case we may not be able to provide to you some of the features and functionality of our Website or services.

At any time, you may object to the processing of your personal data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact us. You also have a right to lodge a complaint with the appropriate regulatory body. Individuals from the EEA may file a complaint with EU data protection authorities (“DPAs”).  A list of DPAs from the European Commission may be found here:

http://ec.europa.eu/newsroom/article29/document.cfm?action=display&doc_id=50061.

This provision does not apply to personal data that is part of data provided by a Partner. In this case, the management of the Partner data may be subject to other policies, including the Partner’s own privacy policy. Any request for access, correction or deletion should be made to the Partner responsible for the uploading and storage of such data onto our service.

Your right includes the right to know the source of the information and the identity of the persons, institutions or types of institutions to whom we have disclosed such information within one or two years prior to your request, depending on your jurisdiction. This information can be copied in person, received via email or mail.

To exercise your rights under these data protection regulations, you may contact us via telephone at 614.734.6066, or email us at privacy@assurexglobal.com.

The request should include the identifying information about yourself and the relevant recorded information at issue. The request should state how you would like to access your information. Upon receipt of your request, we will contact you within ten (10) days confirm your requests and within the appropriate regulatory timeframes to make the relevant arrangements. Where you request that certain information be corrected, amended, or deleted, we will either notify you that we have made the correction, amendment or deletion, or that we refuse to do so and the reasons for the refusal, which you will have the opportunity to challenge.

Please note that to protect your information, we may need to verify your identity before processing your request. In some cases, we may need to collect additional information to verify your identity.

You may exercise these rights yourself or you may designate an authorized agent to make these requests on your behalf. We may request that your authorized agent have written permission from you to make requests on your behalf and may need to verify your authorized agent’s identity.

B. Opting out from Commercial Communications

If you receive marketing or communication emails from us, you may unsubscribe at any time by following the instructions contained within the email or by sending an email to the address provided below. Please be aware that if you opt-out of receiving marketing email from us it may take up to ten (10) business days for us to process your request. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding the use of our services.

Assurex Global has no direct relationship with a Partner’s clients or third party whose personal data it may process on behalf of a Partner. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data, or withdraw consent for further contact should direct his or her query to the Partner they deal with directly. If the Partner requests we remove the data, we will respond to its request within thirty (30) days. We will delete, amend or block access to any Personal Data that we are storing only if we receive a written request to do so from the Partner who is responsible for such personal data, unless we have a legal right to retain such personal data. We reserve the right to retain a copy of such data for archiving purposes, or to defend our rights in litigation. Any such request regarding Partner data should be addressed as indicated in the section below and include sufficient information for us to identify the client or its customer or third party and the information to delete or amend.

C. Sale of personal data

We do not sell your personal information. However, we support the ODPA, CCPA, NYSL and others by allowing you to opt out of any future sale of personal information. If you would like to record your preference that Assurex Global not sell your data in the future, you may contact us at 614-734-6066, or email us at privacy@assurexglobal.com.

Cookies

Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognizes that cookie. Cookies are useful because they allow a website to recognize a user’s device.

Cookies do many different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improve the user experience. They can also help to ensure that adverts you see online are more relevant to you and your interests.

A list of all the cookies used on this website by category is set out below.

A. Strictly Necessary cookies

We consider these cookies essential for you to navigate our site and use its features, such as logging into secure, Partner or customer only areas of the site.  Without these cookies, services you may request cannot be provided.

Examples of Strictly Necessary cookies:

  • Registered Visitor cookie: Each registered user gets a unique id number, which is used to recognize them during the site visit and also upon their return.   (Also applies to Functionality cookies below.)

B. Performance cookies

Aggregated, non-personally identifiable Information is collected about each user on each visit and use of this website. For example: which pages you visit the most often, and if you get error messages from web pages. These cookies don’t collect information that identifies a visitor. Information collected by these cookies is anonymous and is only used to improve how this website works.

Examples of Performance Cookies include:

  • Referrer URL (internal page): Stores the URL of the previous page visited. Allows us to track how visitors navigate throughout our site.
  • Referrer URL (set on external pages, such as clicking on links on Assurex Global social media pages):  Stores the URL which refers a visitor to our site so we may understand which URLs are referring visitors to our site.
  • URL history:  Stores the pages visited by a user.
  • Unregistered Visitor cookie: Allows analysis on how unregistered visitors use our site
  • Session Management cookies: Allows us to follow the actions of a user on our website during a browser session. A browser session begins when a user opens the browser window, visits our site, and ends when the visitor leaves the site and closes the browser window. Session Management cookies are created temporarily but deleted once the browser window is closed.

C. Functionality cookies

Allows us to remember choices a user makes (such as a username, language, or the region) in order to provide more enhanced, personal, and persistent features.  None of these collect personally identifying information.  Each user is counted as an anonymous ID. These cookies cannot track browsing activity on other websites. They don’t gather any information about website visitors that could be used for advertising or remembering where a user has been on the Internet outside our site.

Examples of Functionality Cookies include:

  • Registered Visitor cookie: Used to identify a registered user to our site with a unique id, so that we may serve them content and offers based on their profiles. Also used for analysis and marketing purposes. (See also Strictly Necessary cookies above.)

D. Targeting cookies

Used from time to time to: (1) deliver marketing pieces more relevant to you and your interests; (2) limit the number of times you see a marketing piece; (3) help measure the effectiveness of the marketing campaign; and (4) understand people’s behavior after they view a marketing piece. They are usually placed on behalf of advertising or marketing networks with the site operator’s permission. They remember that you have visited a site and quite often they will be linked to site functionality provided by the other organization. Assurex Global use them for gathering analytics and intelligence about the site.

Examples of Targeting Cookies include:

  • Retargeting and re-engagement cookies: Allows us to display marketing to people who have previously visited the website or used our apps and match the right people with the right message.
  • Gathering analytics and intelligence cookies
  • Third Party cookies: The Targeting cookies as described above may also be used on third party websites and third parties may use them on our websites as follows:
    • Social media sites: Third-party social media sites may log information about you. This may include activities such as when you click an “Add This” or “Like” button for a social media site while on our site. We do not control such sites or their activities. You may be able to find information about social media sites on the sites themselves. We recommend you read the terms of use and privacy policy of such sites before using them.

Assurex Global Marketing on non-Assurex Global Sites

Cookies may be placed on non-Assurex Global sites so that when you click on a Assurex Global marketing piece located on these sites, Assurex Global is provided with this information to enable us to measure and improve the effectiveness of our marketing efforts and to reduce the frequency of those pieces not relevant to each User’s interests.

Third Party Services

The Website may contain features or links to websites and services provided by third parties. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy, and security, even if accessed through us. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through our Website. We encourage you to learn about third parties’ privacy and security policies before providing them with information.

Information Confidentiality and Security

We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical, and physical safeguards to protect personal data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the personal data in our possession. This includes, for example, firewalls, password protection and other access and authentication controls.

However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store with us, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your Personal Data has been compromised, please contact us as set forth in the “Contact Us” section.

If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.

We restrict access to your nonpublic, personal data to our employees on a “need to know” basis. We maintain physical, electronic, and procedural safeguards that comply with Federal and State regulations to guard your nonpublic personal data. We will continue to protect and treat your information as confidential.

Data Retention

We only retain personal data for as long as the purposes for which we have initially collected it. Where we collect that information through the consent provide by an individual, but that individual withdraws consent, we will delete that information within a reasonable time. Where that information is retained and necessary for us to comply with our legal obligations, resolve disputes, enforce our agreements, or comply with various regulations, we will retain that information for the period of time required for that purpose or 7 years from that date.

Data Transfer

We may transfer, process and store personal data we collect through our services in centralized databases and with service providers located in the USA. The USA may not have the same data protection framework as the country from which you may be using our services. When we transfer personal data to the USA, we will protect it as described in this Privacy Policy.

Our services are hosted in the USA. If you choose to use our services from the European Union or other regions of the world with laws governing data collection and use that may differ from USA law, then please note that you may be transferring your data and personal data outside of those regions to the USA for storage and processing by our service providers.

We will comply with GDPR requirements providing adequate protection for the transfer of personal information from the EEA to the USA. Also, we may transfer your data to the USA, the EEA, or other countries or regions deemed by the European Commission to provide adequate protection of personal data in connection with storage and processing of data, fulfilling your requests, and operating our services. We may also transfer your personal data to the other countries or regions not in the EEA or USA, but will do so only with your consent or where we have agreements in place on such restricted data transfers with the relevant third party.

Data Controller and Data Processor

Assurex Global does not own, control, or direct the use of any of the Partner data stored or processed by us. We process any Partner data on the direction of the Partner in providing them with services under their relevant agreements with us. Because Assurex Global does not collect or determine the use of any personal data contained in the Partner data and because it does not determine the purposes for which such personal data is collected, the means of collecting such personal data, or the uses of such personal data, Assurex Global is not acting in the capacity of data controller in terms of the European Union’s General Data Protection Regulation (Regulation (EU) 2016/679, also known as the GDPR)  and does not have the associated responsibilities under the GDPR. Assurex Global should be considered only as a processor on behalf of its Partners and users as to any client data containing personal data that is subject to the requirements of the GDPR. Except as provided in this Privacy Policy, Assurex Global does not independently cause Partner data containing personal data stored in connection with our services to be transferred or otherwise made available to third parties, except to third party subcontractors who may process such data on our behalf in connection with Assurex Global’s provision of our services. Such actions are performed or authorized only by the applicable Partner or User.

The Partner or the User is the data controller under the GDPR for any Partner data containing personal data, meaning that such party controls the manner such personal data is collected and used as well as the determination of the purposes and means of the processing of such personal data.

Where we collect information on our own behalf, and not to effectuate our services for a Partner, we are a data controller for purposes of the GDPR as to personal data of data subjects. Where Assurex Global is a data controller under the GDPR, we will comply with the requirements to provide adequate data privacy and protection of the personal data that we control.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our Users’ personal data, we will notify you by email to the primary email address specified in your account, through a notice on the Website home page, or both. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Contact Us

For any requests under this privacy policy, or should you have any questions about our organization or privacy policy please contact us:

Via mail at:

Attn: COO, Assurex Global

175 S. 3rd Street, Suite 800

Columbus, OH 43215

Via telephone at:

614-734-6066

Via email at:

privacy@assurexglobal.com.